What security software should be installed on Internet café computers?

The security provided by many Internet cafes and other similar public access points has greatly improved over the last few years. But that's no substitute for due diligence on the part of users, says expert Michael Cobb.

I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.

Please check the box if you want to proceed.

I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.

Please check the box if you want to proceed.

By submitting my Email address I confirm that I have read and accepted the Terms of Use and Declaration of Consent.

you check for to make sure your data isn't kept on the machine? Is the machine secure if Windows SteadyState, an antivirus product or proper firewall, is installed? Generally speaking, just how safe is it to use such a place for day-to-day business (not banking)?

The security provided by many Internet cafes and other similar public access points has greatly improved over the last few years. But that's no substitute for due diligence on the part of users.

To start, the computers provided in an Internet café should certainly have a desktop security suite installed. The suite should have, as a minimum, firewall, antivirus and antispyware programs. It's obviously in the interests of the Internet café to ensure its computers run safely and efficiently. However, I would still not sanction their use by members of staff for business-related work or correspondence. How do you know that the desktop security suite has the latest virus signatures? Or that the newest system and software patches are installed? The recent zero-day flaw in Internet Explorer would certainly put many Internet café browsers at risk. Although the Internet café may have a policy of blocking questionable websites, attacks can also spread from legitimate sites that have been unwittingly compromised. An unlimited number of strangers sharing an Internet café machine greatly increases the likelihood of it becoming infected.

The problem with any public access point is that it has to be treated as a hostile environment. The physical and logical security controls that are possible within your organization's buildings are not available in the outside world. It is therefore much harder to ensure that sensitive business information remains safe. Despite the presence of security programs, such as a desktop security suite, there is still the risk of shoulder surfers and security cameras observing keystrokes or the contents of your screen. You can use privacy screen guards, such as those made by 3M Corp., to prevent people sitting next to you from being able to read your screen, but I don't know how to disguise your password keystrokes!

A tool like Windows SteadyState will certainly help the café's system administrator to control what users can and can't do, such as access programs, configuration settings, removable storage devices and websites. SteadyState also makes it easy for administrators to wipe data from a computer's hard drive. It is difficult to know, however, that this erasure is always performed once a machine is vacated and reassigned to another user. You, therefore, have to assume that data and deleted files may persist on the machine's hard disk.

Finally, all organizations should have a formal policy covering the use of mobile and third-party devices in places such as Internet cafes. It should include the requirements for physical protection, access controls, encryption, backups and virus protection. It should also include rules and advice on connecting shared or mobile devices to corporate networks and guidance on their use in public places. You need to reduce the chances of an employee accidentally disclosing sensitive information such as sales figures, client data or passwords. For me, the risks are just too high when using a third-party shared computer.

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy